{ config, lib, pkgs, ... }:

let
  vaas = import ./VaaS/default.nix {inherit pkgs; };

  transitfeed = pkgs.fetchFromGitHub {
    owner = "google";
    repo = "transitfeed";
    rev = "d727e97cb66ac2ca2d699a382ea1d449ee26c2a1";
    sha256 = "0kmcmdja6h7gzvi40c9qfzxh6qwv5184g2rgpqx5rhj4ql9ini3h";
  };

  index = pkgs.copyPathToStore ./VaaS/index.html;
in
{
  systemd.services.vaas = {
    enable = true;
    wantedBy = [ "multi-user.target" ];
    after = [ "network.target" ];
    description = "GTFS feed validator as a service";
    path = [ pkgs.python2 pkgs.python2Packages.pytz pkgs.python2Packages.enum34 ];
    serviceConfig = {
      ExecStart = "${vaas}/bin/VaaS ${transitfeed}/feedvalidator.py ${index}";
      Restart = "always";
      PrivateTmp = "true";
      PrivateDevices = "true";
      ProtectSystem = "strict";
      ReadWritePaths = [ "/tmp" ];
    };

  };

  services.nginx.virtualHosts."gtfs.stuebinm.eu" = {
    enableACME = true;
    forceSSL = true;
    locations."/".proxyPass = "http://localhost:7000";
  };
}